[jboss-jira] [JBoss JIRA] Commented: (JBAS-6268) Null pointer exception for misconfigured web.xml

Daniel Taylor (JIRA) jira-events at lists.jboss.org
Mon Dec 1 15:19:36 EST 2008 

    [ https://jira.jboss.org/jira/browse/JBAS-6268?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12440634#action_12440634 ] 

Daniel Taylor commented on JBAS-6268:
-------------------------------------

the server starts fine, but when I attempt to load the site and the default welcome page is loaded the NPE is thrown.

Here is the full web.xml file, let me know if you need more information or if it can't be reproduced.

---

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="2.4" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee web-app_2_4.xsd">

	<listener>
		<listener-class>
			com.prod.ServerBoot
		</listener-class>
	</listener>

	<session-config>
      <session-timeout>30</session-timeout> 
    </session-config>
	
	<security-constraint>
		<web-resource-collection>
			<web-resource-name>MVC Application</web-resource-name>
			<url-pattern>/secure/*</url-pattern>
			<http-method>POST</http-method>
			<http-method>GET</http-method>
		</web-resource-collection>
		<auth-constraint>
			<description>
				Only allow Authenticated_users role
			</description>
			<role-name>authenticatedUser</role-name>
		</auth-constraint>
	</security-constraint>

	<security-role>
		<role-name>authenticatedUser</role-name>
	</security-role>

	<login-config>
		<auth-method>FORM</auth-method>
		<form-login-config>
			<form-login-page>/public/login.jsp</form-login-page>
			<form-error-page>/public/login.jsp</form-error-page>
		</form-login-config>
	</login-config>

	<welcome-file-list>
		<welcome-file>/secure/main.html</welcome-file>
	</welcome-file-list>

</web-app>


> Null pointer exception for misconfigured web.xml
> ------------------------------------------------
>
>                 Key: JBAS-6268
>                 URL: https://jira.jboss.org/jira/browse/JBAS-6268
>             Project: JBoss Application Server
>          Issue Type: Bug
>      Security Level: Public(Everyone can see) 
>    Affects Versions: JBossAS-5.0.0.CR2
>         Environment: Linux
>            Reporter: Daniel Taylor
>            Assignee: Anil Saldhana
>            Priority: Minor
>             Fix For: JBossAS-5.0.1.CR1
>
>
> A misconfigured web.xml throws a null pointer exception:
> 	<welcome-file-list>
> 		<welcome-file>secure/main.html</welcome-file>        <!--  missing a slash before 'secure', ie: /secure/main.html -->
> 	</welcome-file-list>
> throws exception:
> 10:20:00,977 ERROR [CoyoteAdapter] An exception or error occurred in the container during the request processing
> java.lang.NullPointerException
> 	at org.jboss.security.plugins.javaee.WebAuthorizationHelper.hasUserDataPermission(WebAuthorizationHelper.java:175)
> 	at org.jboss.web.tomcat.security.JBossWebRealm.hasUserDataPermission(JBossWebRealm.java:636)
> 	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:461)
> 	at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:91)
> 	at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:92)
> 	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
> 	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
> 	at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
> 	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
> 	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:325)
> 	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:828)
> 	at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:601)
> 	at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
> 	at java.lang.Thread.run(Thread.java:619)
> while not crucial to the development of jboss, I speak from experience when I say that it can take a long time to find the configuration error based upon the exception thrown...

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list